[Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits? (original) (raw)
Sebastian Krause sebastian at realpath.org
Fri Jun 10 13:01:23 EDT 2016
- Previous message (by thread): [Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?
- Next message (by thread): [Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Guido van Rossum <guido at python.org> wrote:
I just don't like the potentially blocking behavior, and experts' opinions seem to widely vary on how insecure the fallback bits really are, how likely you are to find yourself in that situation, and how probable an exploit would be.
This is not just a theoretical problem being discussed by security experts that could be exploited, there have already been multiple real-life cases of devices (mostly embedded Linux machines) generating predicatable SSH keys because they read from an uninitialized /dev/urandom at first boot. Most recently in the Raspbian distribution for the Raspberry Pi: https://www.raspberrypi.org/forums/viewtopic.php?f=66&t=126892
At least in 3.6 there should be obvious way to get random data that always guarantees to be secure and either fails or blocks if it can't guarantee that.
Sebastian
- Previous message (by thread): [Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?
- Next message (by thread): [Python-Dev] BDFL ruling request: should we block forever waiting for high-quality random bits?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]